A Novel Technique for Cloud Computing Data Security and Public Auditing

In prior years, the fast improvement of cloud storage services makes it simpler than at any other time for cloud clients to disseminate information (data) with everyone. To ensure client's trust in the dependability of their public information on the cloud, various strategies have been proposed for information trustworthiness assessing with spotlights on different viable components, secure data destructing, public integrity auditing and so forth.. Since it is not achievable to execute full lifecycle protection security, access control turns into a testing assignment, particularly when we share delicate information on cloud servers. To handle this issue, proposed framework presents a key strategy trait based encryption with time-determined properties (KP-TSABE), another safe information self-destructing framework in distributed computing. Moreover open respectability inspecting frameworks presented for cloud information sharing administrations that check the uprightness of client's delicate information being put away in the cloud. In the KP-TABE plan, each figure content is marked with a period interim while the private key is connected with a period moment. The figure message just is unscrambled if both the time instant is in the permitted time interim and traits which are connected with the figure content guarantee the key's entrance structure. Also, Third Party Auditing (TPA) is acquainted with help clients to assess the danger of their subscribed cloud data administrations. The review result from TPA would likewise be useful for the cloud administration suppliers to upgrade cloud-based administration stage

A comprehensive meta-analysis of cryptographic security mechanisms for cloud computing

The file attached to this record is the author's final peer reviewed version. The Publisher's final version can be found by following the DOI link.The concept of cloud computing offers measurable computational or information resources as a service over the Internet. The major motivation behind the cloud setup is economic benefits, because it assures the reduction in expenditure for operational and infrastructural purposes. To transform it into a reality there are some impediments and hurdles which are required to be tackled, most profound of which are security, privacy and reliability issues. As the user data is revealed to the cloud, it departs the protection-sphere of the data owner. However, this brings partly new security and privacy concerns. This work focuses on these issues related to various cloud services and deployment models by spotlighting their major challenges. While the classical cryptography is an ancient discipline, modern cryptography, which has been mostly developed in the last few decades, is the subject of study which needs to be implemented so as to ensure strong security and privacy mechanisms in today’s real-world scenarios. The technological solutions, short and long term research goals of the cloud security will be described and addressed using various classical cryptographic mechanisms as well as modern ones. This work explores the new directions in cloud computing security, while highlighting the correct selection of these fundamental technologies from cryptographic point of view

Emerge: Self-Emerging Data Release Using Cloud Data Storage

In the age of Big Data, advances in distributed technologies and cloud storage services provide highly efficient and cost-effective solutions to large scale data storage and management. Supporting self-emerging data using clouds is a challenging problem. While straight-forward centralized approaches provide a basic solution to the problem, unfortunately they are limited to a single point of trust. Supporting attack-resilient timed release of encrypted data stored in clouds requires new mechanisms for self emergence of data encryption keys that enables encrypted data to become accessible at a future point in time. Prior to the release time, the encryption key remains undiscovered and unavailable in a secure distributed system, making the private data unavailable. In this paper, we propose Emerge, a self-emerging timed data release protocol for securely hiding data encryption keys of private encrypted data in a large-scale Distributed Hash Table (DHT) network that makes the data available and accessible only at the defined release time. We develop a suite of erasure-coding-based routing path construction schemes for securely storing and routing encryption keys in DHT networks that protect an adversary from inferring the encryption key prior to the release time (release-ahead attack) or from destroying the key altogether (drop attack). Through extensive experimental evaluation, we demonstrate that the proposed schemes are resilient to both release-ahead attack and drop attack as well as to attacks that arise due to traditional churn issues in DHT networks

Privacy Enhancing Technologies for solving the privacy-personalization paradox : taxonomy and survey

Personal data are often collected and processed in a decentralized fashion, within different contexts. For instance, with the emergence of distributed applications, several providers are usually correlating their records, and providing personalized services to their clients. Collected data include geographical and indoor positions of users, their movement patterns as well as sensor-acquired data that may reveal users’ physical conditions, habits and interests. Consequently, this may lead to undesired consequences such as unsolicited advertisement and even to discrimination and stalking. To mitigate privacy threats, several techniques emerged, referred to as Privacy Enhancing Technologies, PETs for short. On one hand, the increasing pressure on service providers to protect users’ privacy resulted in PETs being adopted. One the other hand, service providers have built their business model on personalized services, e.g. targeted ads and news. The objective of the paper is then to identify which of the PETs have the potential to satisfy both usually divergent - economical and ethical - purposes. This paper identifies a taxonomy classifying eight categories of PETs into three groups, and for better clarity, it considers three categories of personalized services. After defining and presenting the main features of PETs with illustrative examples, the paper points out which PETs best fit each personalized service category. Then, it discusses some of the inter-disciplinary privacy challenges that may slow down the adoption of these techniques, namely: technical, social, legal and economic concerns. Finally, it provides recommendations and highlights several research directions

Systematizing Decentralization and Privacy: Lessons from 15 Years of Research and Deployments

Decentralized systems are a subset of distributed systems where multiple authorities control different components and no authority is fully trusted by all. This implies that any component in a decentralized system is potentially adversarial. We revise fifteen years of research on decentralization and privacy, and provide an overview of key systems, as well as key insights for designers of future systems. We show that decentralized designs can enhance privacy, integrity, and availability but also require careful trade-offs in terms of system complexity, properties provided, and degree of decentralization. These trade-offs need to be understood and navigated by designers. We argue that a combination of insights from cryptography, distributed systems, and mechanism design, aligned with the development of adequate incentives, are necessary to build scalable and successful privacy-preserving decentralized systems

Client-side encryption and key management: enforcing data confidentiality in the cloud.

Master of Science in Computer Science. University of KwaZulu-Natal, Durban 2016.Cloud computing brings flexible, scalable and cost effective services. This is a computing paradigm whose services are driven by the concept of virtualization and multi-tenancy. These concepts bring various attractive benefits to the cloud. Among the benefits is reduction in capital costs, pay-per-use model, enormous storage capacity etc. However, there are overwhelming concerns over data confidentiality on the cloud. These concerns arise from various attacks that are directed towards compromising data confidentiality in virtual machines (VMs). The attacks may include inter-VM and VM sprawls. Moreover, weaknesses or lack of data encryption make such attacks to thrive. Hence, this dissertation presents a novel client-side cryptosystem derived from evolutionary computing concepts. The proposed solution makes use of chaotic random noise to generate a fitness function. The fitness function is used to generate strong symmetric keys. The strength of the encryption key is derived from the chaotic and randomness properties of the input noise. Such properties increase the strength of the key without necessarily increasing its length. However, having the strongest key does not guarantee confidentiality if the key management system is flawed. For example, encryption has little value if key management processes are not vigorously enforced. Hence, one of the challenges of cloud-based encryption is key management. Therefore, this dissertation also makes an attempt to address the prevalent key management problem. It uses a counter propagation neural network (CPNN) to perform key provision and revocation. Neural networks are used to design ciphers. Using both supervised and unsupervised machine learning processes, the solution incorporates a CPNN to learn a crypto key. Using this technique there is no need for users to store or retain a key which could be compromised. Furthermore, in a multi-tenant and distributed environment such as the cloud, data can be shared among multiple cloud users or even systems. Based on Shamir's secret sharing algorithm, this research proposes a secret sharing scheme to ensure a seamless and convenient sharing environment. The proposed solution is implemented on a live openNebula cloud infrastructure to demonstrate and illustrate is practicability